{"id":"CVE-2022-34937","details":"Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component savepage.php. This vulnerability allows attackers to execute arbitrary code.","modified":"2026-04-12T03:45:36.698531Z","published":"2022-08-03T01:15:07.457Z","references":[{"type":"REPORT","url":"https://github.com/u5cms/u5cms/issues/51"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/u5cms/u5cms","events":[{"introduced":"0"},{"last_affected":"ef1ee77c230d6260c56a91cf991dc89c6280f3b7"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:yuba:u5cms:8.3.5:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"8.3.5"}]}}],"versions":["v8.3.5"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-34937.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}